GitBross Home Explore Help
Register Sign In
sol_Bo8des9o
/
openzeppelin-contracts
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 1488d4f678
Branches Tags
openzeppelin-co...
/
test
/
utils
/
cryptography
/
ECDSA.test.js

ECDSA.test.js 6.8 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154 
  1. const { expectRevert } = require('@openzeppelin/test-helpers');
    2. 

  2. const { toEthSignedMessageHash } = require('../../helpers/sign');
    3. 

  3. 

  4. const { expect } = require('chai');
    5. 

  5. 

  6. const ECDSAMock = artifacts.require('ECDSAMock');
    7. 

  7. 

  8. const TEST_MESSAGE = web3.utils.sha3('OpenZeppelin');
    9. 

  9. const WRONG_MESSAGE = web3.utils.sha3('Nope');
    10. 

  10. 

  11. function to2098Format (signature) {
    12. 

  12.   const long = web3.utils.hexToBytes(signature);
    13. 

  13.   expect(long.length).to.be.equal(65);
    14. 

  14.   const short = long.slice(0, 64);
    15. 

  15.   short[32] |= (long[64] % 27) << 7; // set the first bit of the 32nd byte to the v parity bit
    16. 

  16.   return web3.utils.bytesToHex(short);
    17. 

  17. }
    18. 

  18. 

  19. function from2098Format (signature) {
    20. 

  20.   const short = web3.utils.hexToBytes(signature);
    21. 

  21.   expect(short.length).to.be.equal(64);
    22. 

  22.   short.push((short[32] >> 7) + 27);
    23. 

  23.   short[32] &= (1 << 7) - 1; // zero out the first bit of 1 the 32nd byte
    24. 

  24.   return web3.utils.bytesToHex(short);
    25. 

  25. }
    26. 

  26. 

  27. contract('ECDSA', function (accounts) {
    28. 

  28.   const [ other ] = accounts;
    29. 

  29. 

  30.   beforeEach(async function () {
    31. 

  31.     this.ecdsa = await ECDSAMock.new();
    32. 

  32.   });
    33. 

  33. 

  34.   context('recover with invalid signature', function () {
    35. 

  35.     it('with short signature', async function () {
    36. 

  36.       await expectRevert(this.ecdsa.recover(TEST_MESSAGE, '0x1234'), 'ECDSA: invalid signature length');
    37. 

  37.     });
    38. 

  38. 

  39.     it('with long signature', async function () {
    40. 

  40.       await expectRevert(
    41. 

  41.         // eslint-disable-next-line max-len
    42. 

  42.         this.ecdsa.recover(TEST_MESSAGE, '0x01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789'),
    43. 

  43.         'ECDSA: invalid signature length',
    44. 

  44.       );
    45. 

  45.     });
    46. 

  46.   });
    47. 

  47. 

  48.   context('recover with valid signature', function () {
    49. 

  49.     context('using web3.eth.sign', function () {
    50. 

  50.       it('returns signer address with correct signature', async function () {
    51. 

  51.         // Create the signature
    52. 

  52.         const signature = await web3.eth.sign(TEST_MESSAGE, other);
    53. 

  53. 

  54.         // Recover the signer address from the generated message and signature.
    55. 

  55.         expect(await this.ecdsa.recover(
    56. 

  56.           toEthSignedMessageHash(TEST_MESSAGE),
    57. 

  57.           signature,
    58. 

  58.         )).to.equal(other);
    59. 

  59.       });
    60. 

  60. 

  61.       it('returns a different address', async function () {
    62. 

  62.         const signature = await web3.eth.sign(TEST_MESSAGE, other);
    63. 

  63.         expect(await this.ecdsa.recover(WRONG_MESSAGE, signature)).to.not.equal(other);
    64. 

  64.       });
    65. 

  65. 

  66.       it('reverts with invalid signature', async function () {
    67. 

  67.         // eslint-disable-next-line max-len
    68. 

  68.         const signature = '0x332ce75a821c982f9127538858900d87d3ec1f9f737338ad67cad133fa48feff48e6fa0c18abc62e42820f05943e47af3e9fbe306ce74d64094bdf1691ee53e01c';
    69. 

  69.         await expectRevert(this.ecdsa.recover(TEST_MESSAGE, signature), 'ECDSA: invalid signature');
    70. 

  70.       });
    71. 

  71.     });
    72. 

  72. 

  73.     context('with v0 signature', function () {
    74. 

  74.       // Signature generated outside ganache with method web3.eth.sign(signer, message)
    75. 

  75.       const signer = '0x2cc1166f6212628A0deEf2B33BEFB2187D35b86c';
    76. 

  76.       // eslint-disable-next-line max-len
    77. 

  77.       const signatureWithoutVersion = '0x5d99b6f7f6d1f73d1a26497f2b1c89b24c0993913f86e9a2d02cd69887d9c94f3c880358579d811b21dd1b7fd9bb01c1d81d10e69f0384e675c32b39643be892';
    78. 

  78. 

  79.       it('reverts with 00 as version value', async function () {
    80. 

  80.         const version = '00';
    81. 

  81.         const signature = signatureWithoutVersion + version;
    82. 

  82.         await expectRevert(this.ecdsa.recover(TEST_MESSAGE, signature), 'ECDSA: invalid signature \'v\' value');
    83. 

  83.       });
    84. 

  84. 

  85.       it('works with 27 as version value', async function () {
    86. 

  86.         const version = '1b'; // 27 = 1b.
    87. 

  87.         const signature = signatureWithoutVersion + version;
    88. 

  88.         expect(await this.ecdsa.recover(TEST_MESSAGE, signature)).to.equal(signer);
    89. 

  89.       });
    90. 

  90. 

  91.       it('reverts with wrong version', async function () {
    92. 

  92.         // The last two hex digits are the signature version.
    93. 

  93.         // The only valid values are 0, 1, 27 and 28.
    94. 

  94.         const version = '02';
    95. 

  95.         const signature = signatureWithoutVersion + version;
    96. 

  96.         await expectRevert(this.ecdsa.recover(TEST_MESSAGE, signature), 'ECDSA: invalid signature \'v\' value');
    97. 

  97.       });
    98. 

  98. 

  99.       it('works with short EIP2098 format', async function () {
    100. 

  100.         const version = '1b'; // 27 = 1b.
    101. 

  101.         const signature = signatureWithoutVersion + version;
    102. 

  102.         expect(await this.ecdsa.recover(TEST_MESSAGE, to2098Format(signature))).to.equal(signer);
    103. 

  103.         expect(await this.ecdsa.recover(TEST_MESSAGE, from2098Format(to2098Format(signature)))).to.equal(signer);
    104. 

  104.       });
    105. 

  105.     });
    106. 

  106. 

  107.     context('with v1 signature', function () {
    108. 

  108.       const signer = '0x1E318623aB09Fe6de3C9b8672098464Aeda9100E';
    109. 

  109.       // eslint-disable-next-line max-len
    110. 

  110.       const signatureWithoutVersion = '0x331fe75a821c982f9127538858900d87d3ec1f9f737338ad67cad133fa48feff48e6fa0c18abc62e42820f05943e47af3e9fbe306ce74d64094bdf1691ee53e0';
    111. 

  111. 

  112.       it('reverts with 01 as version value', async function () {
    113. 

  113.         const version = '01';
    114. 

  114.         const signature = signatureWithoutVersion + version;
    115. 

  115.         await expectRevert(this.ecdsa.recover(TEST_MESSAGE, signature), 'ECDSA: invalid signature \'v\' value');
    116. 

  116.       });
    117. 

  117. 

  118.       it('works with 28 as version value', async function () {
    119. 

  119.         const version = '1c'; // 28 = 1c.
    120. 

  120.         const signature = signatureWithoutVersion + version;
    121. 

  121.         expect(await this.ecdsa.recover(TEST_MESSAGE, signature)).to.equal(signer);
    122. 

  122.       });
    123. 

  123. 

  124.       it('reverts with wrong version', async function () {
    125. 

  125.         // The last two hex digits are the signature version.
    126. 

  126.         // The only valid values are 0, 1, 27 and 28.
    127. 

  127.         const version = '02';
    128. 

  128.         const signature = signatureWithoutVersion + version;
    129. 

  129.         await expectRevert(this.ecdsa.recover(TEST_MESSAGE, signature), 'ECDSA: invalid signature \'v\' value');
    130. 

  130.       });
    131. 

  131. 

  132.       it('works with short EIP2098 format', async function () {
    133. 

  133.         const version = '1c'; // 27 = 1b.
    134. 

  134.         const signature = signatureWithoutVersion + version;
    135. 

  135.         expect(await this.ecdsa.recover(TEST_MESSAGE, to2098Format(signature))).to.equal(signer);
    136. 

  136.         expect(await this.ecdsa.recover(TEST_MESSAGE, from2098Format(to2098Format(signature)))).to.equal(signer);
    137. 

  137.       });
    138. 

  138.     });
    139. 

  139. 

  140.     it('reverts with high-s value signature', async function () {
    141. 

  141.       const message = '0xb94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9';
    142. 

  142.       // eslint-disable-next-line max-len
    143. 

  143.       const highSSignature = '0xe742ff452d41413616a5bf43fe15dd88294e983d3d36206c2712f39083d638bde0a0fc89be718fbc1033e1d30d78be1c68081562ed2e97af876f286f3453231d1b';
    144. 

  144. 

  145.       await expectRevert(this.ecdsa.recover(message, highSSignature), 'ECDSA: invalid signature \'s\' value');
    146. 

  146.     });
    147. 

  147.   });
    148. 

  148. 

  149.   context('toEthSignedMessage', function () {
    150. 

  150.     it('prefixes hashes correctly', async function () {
    151. 

  151.       expect(await this.ecdsa.toEthSignedMessageHash(TEST_MESSAGE)).to.equal(toEthSignedMessageHash(TEST_MESSAGE));
    152. 

  152.     });
    153. 

  153.   });
    154. 

  154. });
    155.